UPDATE: we no longer recommend installing qlproxy on WHS 2011 as ICAP integration with Squid has become much more superior to using qlproxy as URL rewriter… when next release of Squid possibly support Windows I will update the instructions on how to set up content filtering for WHS + SQUID + qlproxy. For now you may try Diladele Web Safety a companion product for qlproxy that brings content filtering to your desktops and laptops.
See the Windows 8 updated instruction on https://sichent.wordpress.com/2013/04/04/blocking-ads-and-protecting-online-privacy-with-squid-microsoft-windows-8-and-diladele-web-safety
This short (visual 🙂 ) HOWTO will show you how to set up a free web filtering solution to speed up and secure your home / small enterprise web surfing network running on Windows Home Server 2011 platform. This HOWTO is a companion to Installing Squid on Windows Home Server (WHS) 2011. It assumes you followed all the steps presented there and have the running “Squid on Windows” environment.
Step 1. Install QuintoLabs Content Security
In order to get the installation package go the http://quintolabs.com/qlicap_download.php and download binary MSI for Microsoft Windows Home Server 2011. The same package can actually be used in all flavors of Microsoft Windows – even in Windows 8 Developer Preview 🙂 ! Save it on the desktop, right click and choose Install as indicated on the following screenshot.
When installer starts, accept the terms in License Agreement and press Next.
Let it run for a while and press Finish when installation successfully completes.
The only inconvenience is the application is installed in
C:\quintolabs and for now the installation folder can not be changed. The reason for this is the cross platform nature of the application when it is quite common for a Linux targeted application to specify the predefined full paths to its configuration files, and in Windows the user chooses where to install the application.
Upon successful installation the program should add “QuintoLabs Content Security” service to the system (qlproxyd.exe). In order to prove it, press Windows + R, type
services.msc and find the service in the opened MMC window. Startup type should be set to Automatic.
Right click the service name and choose Start. Service status should change to Running. The task manager will show
qlproxyd.exe process running under SYSTEM account.
Step 2. Integration with Squid
The README file in installation directory contains detailed instructions about how to integrate qlproxy with locally installed Squid to perform content filtering on the web traffic.
The integration is straight forward. Open
c:\squid\etc\squid.conf in the notepad and find
url_rewrite_program directive. Uncomment it and add the following (typed as ONE line):
url_rewrite_program C:/quintolabs/opt/quintolabs/qlproxy/sbin/qlproxyd_redirector.exe --config_path=C:/quintolabs/etc/opt/qlproxy/qlproxyd.conf
NOTE: pay attention that forward slashes are used here as path delimiter and NOT backslashes as common in Windows.
url_rewrite_children to 10.
Start the Squid service and notice the specified number of URL rewrite processes (
qlproxyd_redirector.exe) running in Task Manager.
Open your browser, go to your favorite web site and see how qlproxyd filters objectionable content.
We have installed QuintoLabs Content Security on the Windows Home Server 2011 with running Squid version 2.7. QuintoLabs provides URL filtering and web traffic sanitation, Squid provides central caching for all the browsers in the home network.
Unfortunately URL rewrite technology used in Squid 2.7 is limited at what it can do. Only URLs are analyzed, in order to analyze the HTTP response headers and contents of the response we would need Squid 3+ with ICAP enabled… but there is no stable build for WHS at the moment. We could install VMWare (or another virtualization solution) on the server and deploy the Tiny Virtual Appliance from QuintoLabs with preinstalled Linux Debian, Squid 3+ and qlproxy 1.4. Instructions how this virtual appliance was made can be found here.